Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Allowing specific subnet out

I have a question I have a pix 515E and what I would like to do is allow a certain subnet out to only talk to a specific subnet out on the internet how would I do that? So for example I have a user subnet on the subnet and would like that subnet to only talk to subnet. I want to block everything else internally to talk to that subnet. How can I do that?

Hall of Fame Super Blue

Re: Allowing specific subnet out


Assuming you don't want to stop other traffic to other subnets -

access-list inside_out permit ip

access-list inside_out deny ip any

access-list inside_out permit ip any any

access-group inside_out in interface inside


New Member

Re: Allowing specific subnet out

Well the way things are set up is that everything goes through a proxy server I would like subnet to by pass the proxy server and be the only subnet that can talk to the everthing else would be blocked. Also I want the 10.255 subnet to only to talk to that subnet any other attempt to go out the internet would be routed through the proxy server, what you posted that will accomplish this?

CreatePlease to create content